Updated Switzerland-based IT consultant Tillie Kottmann on Thursday published a trove of confidential Intel technical material, code, and documents related to various processors and chipsets. A spokesperson for Intel told us the information was likely taken from its Resource and Design Center, which is a private library of resources for computer manufacturers and the like… Read More

Earlier this year, Bleeping Computer reported how invite links to private groups of messaging apps like WhatsApp and Telegram were visible on Google, letting anyone join the groups. This week, security researcher Athul Jayaram highlighted an issue with WhatsApp’s “wa.me” domain “leaking” contact phone numbers on Google. As stated by Jayaram and confirmed by BleepingComputer,… Read More

UpGuard can now disclose that a repository hosted on GitHub with data from an Amazon Web Services engineer containing personal identity documents and system credentials including passwords, AWS key pairs, and private keys has been secured from public access. The data was committed to a public repository on the morning of 13 January, 2020. It… Read More

Today I wanna write about a finding I discovered during a research project where the aim was to find critical vulnerabilities in Alexa Top 1 Million websites. The main focus was to discover common configuration issues which do not require sophisticated exploits, which are easy to find and which can have a high impact on… Read More

A popular fitness app that claims over six million users was leaking private and sensitive data, including health information and private messages sent between users. PumpUp, an Ontario-based company, bills itself as a fitness community, allowing subscribers to discover new workouts and record their results, and get advice from fitness coaches and other users. But… Read More

In March 2017, the FBI agents raided the Manhattan apartment of former NSA and CIA operative Joshua Schulte looking for top secret documents and hacking tools that the defendant allegedly leaked to WikiLeaks. We don’t know if they found what they were looking for, but according to court transcripts and documents reviewed by Motherboard, the… Read More

Kromtech Security said that it found the unprotected data on March 30, adding that it included a treasure-trove of information ranging from “full names, (street) addresses, email addresses, encrypted passwords, wallet information, along with links to scanned passports, driver’s licenses and other IDs,” according to the researchers. Source: threatpost… Read More

Update your Careem passcode, and then update your password on any other accounts using the same or similar details. Make your new one good and strong. Here’s how. And if we’ve said it once, we’ve said it a million times: reusing passwords is really, truly a terrible idea. So don’t! Watch out for spearphishers. Unsolicited… Read More